cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector CoyoteAdapter.java
remm2005/09/22 10:20:21
Modified:webapps/docs changelog.xml
catalina/src/share/org/apache/catalina/connector
CoyoteAdapter.java
Log:
- 34749: jsessionid dropped on trailing slash (/) redirect.
Revision ChangesPath
1.379 +3 -0 jakarta-tomcat-catalina/webapps/docs/changelog.xml
Index: changelog.xml
===
RCS file: /home/cvs/jakarta-tomcat-catalina/webapps/docs/changelog.xml,v
retrieving revision 1.378
retrieving revision 1.379
diff -u -r1.378 -r1.379
--- changelog.xml 22 Sep 2005 14:21:18 - 1.378
+++ changelog.xml 22 Sep 2005 17:20:21 - 1.379
@@ -70,6 +70,9 @@
35609: service.bat echo command when wrong arguments
given [patch by Robert
Longson] (yoavs)
+
+34749: jsessionid dropped on trailing slash (/) redirect
(remm)
+
1.10 +7 -1
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector/CoyoteAdapter.java
Index: CoyoteAdapter.java
===
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector/CoyoteAdapter.java,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- CoyoteAdapter.java30 Apr 2005 03:32:43 - 1.9
+++ CoyoteAdapter.java22 Sep 2005 17:20:21 - 1.10
@@ -305,6 +305,12 @@
if (!redirectPathMB.isNull()) {
String redirectPath = redirectPathMB.toString();
String query = request.getQueryString();
+if (request.isRequestedSessionIdFromURL()) {
+// This is not optimal, but as this is not very common, it
+// shouldn't matter
+redirectPath = redirectPath + ";jsessionid="
++ request.getRequestedSessionId();
+}
if (query != null) {
// This is not optimal, but as this is not very common, it
// shouldn't matter
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector CoyoteAdapter.java
>>Actually, in the case of a JSP, we're dealing w/ JspServlet, which is an >>instance of HttpServlet. >> >>I've changed the code to return a constant set of methods if the servlet >>is not an instance of HttpServlet, avoiding the NPE. :) >> > > > My bad. I should pay more attention to Jasper :). > > However, a JSP page still will return 'Allow: OPTIONS' after all of this > work :). Yes, but you'll get a more useful reply for any custom HttpServlets. ;-) Notice that what the patch does is return the same methods that OPTIONS would have returned in the Allow response header, minus the disabled TRACE. Since the HTTP spec requires that the Allow header should reflect the capabilities of the requested resource, I think it is a good idea to follow it as much as we can. It's not like we're adding tons of code in order to achieve this. :) Jan - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector CoyoteAdapter.java
- Original Message -
From: "Jan Luehe" <[EMAIL PROTECTED]>
To: "Tomcat Developers List" <[EMAIL PROTECTED]>
Sent: Thursday, October 28, 2004 9:45 AM
Subject: Re: cvs commit:
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector
CoyoteAdapter.java
> Bill,
>
> Bill Barker wrote:
> > <[EMAIL PROTECTED]> wrote in message
> > news:[EMAIL PROTECTED]
> >
> >>luehe 2004/10/27 15:58:17
> >>
> >> +
> >> +private Method[] getAllDeclaredMethods(Class c) {
> >> +
> >> +if (c.equals(javax.servlet.http.HttpServlet.class)) {
> >> +return null;
> >> +}
> >> +
> >> +Method[] parentMethods =
> >>getAllDeclaredMethods(c.getSuperclass());
> >
> >
> > If the servlet isn't a HttpServlet (e.g. it's a JSP page) then this will
> > recurse down to j.l.Object, when c.getSuperClass will return 'null', and
you
> > will get an NPE from the 'c.equals' line.
>
> Actually, in the case of a JSP, we're dealing w/ JspServlet, which is an
> instance of HttpServlet.
>
> I've changed the code to return a constant set of methods if the servlet
> is not an instance of HttpServlet, avoiding the NPE. :)
>
My bad. I should pay more attention to Jasper :).
However, a JSP page still will return 'Allow: OPTIONS' after all of this
work :).
> Thanks,
>
> Jan
>
>
> > IMHO, this patch is an overly complex way to try and determine something
> > that isn't determinable under the servlet spec (again, think JSP page
:).
> > You might as well just set the Allow header to any old constant set of
> > methods.
> >
> >
> >
> >
> >
> > -
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
>
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
This message is intended only for the use of the person(s) listed above as the
intended recipient(s), and may contain information that is PRIVILEGED and
CONFIDENTIAL. If you are not an intended recipient, you may not read, copy, or
distribute this message or any attachment. If you received this communication in
error, please notify us immediately by e-mail and then delete all copies of this
message and any attachments.
In addition you should be aware that ordinary (unencrypted) e-mail sent through the
Internet is not secure. Do not send confidential or sensitive information, such as
social security numbers, account numbers, personal identification numbers and
passwords, to us via ordinary (unencrypted) e-mail.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector CoyoteAdapter.java
Bill,
Bill Barker wrote:
> <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]
>
>>luehe 2004/10/27 15:58:17
>>
>> +
>> +private Method[] getAllDeclaredMethods(Class c) {
>> +
>> +if (c.equals(javax.servlet.http.HttpServlet.class)) {
>> +return null;
>> +}
>> +
>> +Method[] parentMethods =
>>getAllDeclaredMethods(c.getSuperclass());
>
>
> If the servlet isn't a HttpServlet (e.g. it's a JSP page) then this will
> recurse down to j.l.Object, when c.getSuperClass will return 'null', and you
> will get an NPE from the 'c.equals' line.
Actually, in the case of a JSP, we're dealing w/ JspServlet, which is an
instance of HttpServlet.
I've changed the code to return a constant set of methods if the servlet
is not an instance of HttpServlet, avoiding the NPE. :)
Thanks,
Jan
> IMHO, this patch is an overly complex way to try and determine something
> that isn't determinable under the servlet spec (again, think JSP page :).
> You might as well just set the Allow header to any old constant set of
> methods.
>
>
>
>
>
> -
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector CoyoteAdapter.java
Bill Barker wrote:
<[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
luehe 2004/10/27 15:58:17
+
+private Method[] getAllDeclaredMethods(Class c) {
+
+if (c.equals(javax.servlet.http.HttpServlet.class)) {
+return null;
+}
+
+Method[] parentMethods =
getAllDeclaredMethods(c.getSuperclass());
If the servlet isn't a HttpServlet (e.g. it's a JSP page) then this will
recurse down to j.l.Object, when c.getSuperClass will return 'null', and you
will get an NPE from the 'c.equals' line.
IMHO, this patch is an overly complex way to try and determine something
that isn't determinable under the servlet spec (again, think JSP page :).
You might as well just set the Allow header to any old constant set of
methods.
I agree being lazy has its good points:
"Allow: GET, HEAD, POST" would be good enough for me :)
I don't like cut & pasting so much code :(
Rémy
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Re: cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector CoyoteAdapter.java
<[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
> luehe 2004/10/27 15:58:17
>
> +
> +private Method[] getAllDeclaredMethods(Class c) {
> +
> +if (c.equals(javax.servlet.http.HttpServlet.class)) {
> +return null;
> +}
> +
> +Method[] parentMethods =
> getAllDeclaredMethods(c.getSuperclass());
If the servlet isn't a HttpServlet (e.g. it's a JSP page) then this will
recurse down to j.l.Object, when c.getSuperClass will return 'null', and you
will get an NPE from the 'c.equals' line.
IMHO, this patch is an overly complex way to try and determine something
that isn't determinable under the servlet spec (again, think JSP page :).
You might as well just set the Allow header to any old constant set of
methods.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector CoyoteAdapter.java
luehe 2004/10/27 15:58:17
Modified:catalina/src/share/org/apache/catalina/core
StandardWrapper.java
catalina/src/share/org/apache/catalina Wrapper.java
catalina/src/share/org/apache/catalina/connector
CoyoteAdapter.java
Log:
If TRACE has been disabled, return appropriate error code
(405, instead of the current 403) and include Allow header in response, in
order to comply with HTTP 1.1 spec:
10.4.6 405 Method Not Allowed
The method specified in the Request-Line is not allowed for the
resource identified by the Request-URI. The response MUST include an
Allow header containing a list of valid methods for the requested
resource.
Revision ChangesPath
1.54 +69 -2
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/StandardWrapper.java
Index: StandardWrapper.java
===
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/core/StandardWrapper.java,v
retrieving revision 1.53
retrieving revision 1.54
diff -u -r1.53 -r1.54
--- StandardWrapper.java 26 Oct 2004 21:55:43 - 1.53
+++ StandardWrapper.java 27 Oct 2004 22:58:17 - 1.54
@@ -17,11 +17,12 @@
package org.apache.catalina.core;
-
+import java.lang.reflect.Method;
import java.io.PrintStream;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
+import java.util.HashSet;
import java.util.Stack;
import java.security.AccessController;
import java.security.PrivilegedActionException;
@@ -551,6 +552,44 @@
}
+/**
+ * Gets the names of the methods supported by the underlying servlet.
+ *
+ * This is the same set of methods included in the Allow response header
+ * in response to an OPTIONS request method processed by the underlying
+ * servlet.
+ *
+ * @return Array of names of the methods supported by the underlying
+ * servlet
+ */
+public String[] getServletMethods() throws ServletException {
+
+HashSet allow = new HashSet();
+allow.add("TRACE");
+allow.add("OPTIONS");
+
+Method[] methods = getAllDeclaredMethods(loadServlet().getClass());
+for (int i=0; methods != null && i 0)) {
+Method[] allMethods =
+new Method[parentMethods.length + thisMethods.length];
+ System.arraycopy(parentMethods, 0, allMethods, 0,
+ parentMethods.length);
+ System.arraycopy(thisMethods, 0, allMethods, parentMethods.length,
+ thisMethods.length);
+
+ thisMethods = allMethods;
+ }
+
+ return thisMethods;
}
1.6 +14 -1
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/Wrapper.java
Index: Wrapper.java
===
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/Wrapper.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- Wrapper.java 26 May 2004 15:28:42 - 1.5
+++ Wrapper.java 27 Oct 2004 22:58:17 - 1.6
@@ -132,6 +132,19 @@
/**
+ * Gets the names of the methods supported by the underlying servlet.
+ *
+ * This is the same set of methods included in the Allow response header
+ * in response to an OPTIONS request method processed by the underlying
+ * servlet.
+ *
+ * @return Array of names of the methods supported by the underlying
+ * servlet
+ */
+public String[] getServletMethods() throws ServletException;
+
+
+/**
* Is this servlet currently unavailable?
*/
public boolean isUnavailable();
1.8 +32 -13
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector/CoyoteAdapter.java
Index: CoyoteAdapter.java
===
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector/CoyoteAdapter.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- CoyoteAdapter.java19 Oct 2004 15:28:13 - 1.7
+++ CoyoteAdapter.java27 Oct 2004 22:58:17 - 1.8
@@ -171,10 +171,11 @@
* Parse additional request parameters.
*/
protected boolean postParseRequest(org.apache.coyote.Request req,
-Request request,
-org.apache.coyote.Response res,
-Response
response)
-th
cvs commit: jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector CoyoteAdapter.java
remm2004/10/19 08:28:13
Modified:catalina/src/share/org/apache/catalina/connector
CoyoteAdapter.java
Log:
- Optimize session IDs conversion to String.
Revision ChangesPath
1.7 +28 -1
jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector/CoyoteAdapter.java
Index: CoyoteAdapter.java
===
RCS file:
/home/cvs/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/connector/CoyoteAdapter.java,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- CoyoteAdapter.java4 Oct 2004 09:25:11 - 1.6
+++ CoyoteAdapter.java19 Oct 2004 15:28:13 - 1.7
@@ -366,6 +366,7 @@
// Override anything requested in the URL
if (!request.isRequestedSessionIdFromCookie()) {
// Accept only the first session id cookie
+convertMB(scookie.getValue());
request.setRequestedSessionId
(scookie.getValue().toString());
request.setRequestedSessionCookie(true);
@@ -376,6 +377,7 @@
} else {
if (!request.isRequestedSessionIdValid()) {
// Replace the session id until one is valid
+convertMB(scookie.getValue());
request.setRequestedSessionId
(scookie.getValue().toString());
}
@@ -432,6 +434,31 @@
cbuf[i] = (char) (bbuf[i + start] & 0xff);
}
uri.setChars(cbuf, 0, bc.getLength());
+
+}
+
+
+/**
+ * Character conversion of the a US-ASCII MessageBytes.
+ */
+protected void convertMB(MessageBytes mb) {
+
+// This is of course only meaningful for bytes
+if (mb.getType() != MessageBytes.T_BYTES)
+return;
+
+ByteChunk bc = mb.getByteChunk();
+CharChunk cc = mb.getCharChunk();
+cc.allocate(bc.getLength(), -1);
+
+// Default encoding: fast conversion
+byte[] bbuf = bc.getBuffer();
+char[] cbuf = cc.getBuffer();
+int start = bc.getStart();
+for (int i = 0; i < bc.getLength(); i++) {
+cbuf[i] = (char) (bbuf[i + start] & 0xff);
+}
+mb.setChars(cbuf, 0, bc.getLength());
}
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
